After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 440400 - sound-juicer crashes when "editing profiles"
sound-juicer crashes when "editing profiles"
Status: RESOLVED FIXED
Product: sound-juicer
Classification: Applications
Component: general
2.19.x
Other Linux
: Normal critical
: ---
Assigned To: Sound Juicer Maintainers
Sound Juicer Maintainers
: 474778 (view as bug list)
Depends on:
Blocks:
 
 
Reported: 2007-05-22 10:07 UTC by Sebastien Bacher
Modified: 2007-09-19 08:37 UTC
See Also:
GNOME target: ---
GNOME version: 2.19/2.20


Attachments
patch for svn head (562 bytes, patch)
2007-08-30 14:42 UTC, Stefan Röllin
committed Details | Review

Description Sebastien Bacher 2007-05-22 10:07:44 UTC
The bug has been opened on https://bugs.launchpad.net/ubuntu/+source/sound-juicer/+bug/115953

"Binary package hint: sound-juicer

clicking on EDIT PROFILES from the SoundJuicer pref-panel, it crashes SoundJuicer completely. Please note that I have both the ubuntu and the universe version of UGLY gstreamer packages installed.
..."

Debug backtrace for the crash:

  • #0 _g_utf8_normalize_wc
    at /build/buildd/glib2.0-2.12.12/glib/gunidecomp.c line 354
  • #1 IA__g_utf8_collate
    at /build/buildd/glib2.0-2.12.12/glib/gunicollate.c line 80
  • #2 alphabetic_cmp
    at audio-profile.c line 854
  • #3 g_list_sort_real
    at /build/buildd/glib2.0-2.12.12/glib/glist.c line 583
  • #4 g_list_sort_real
    at /build/buildd/glib2.0-2.12.12/glib/glist.c line 629
  • #5 g_list_sort_real
    at /build/buildd/glib2.0-2.12.12/glib/glist.c line 629
  • #6 gm_audio_profile_get_list
    at audio-profile.c line 866
  • #7 refill_profile_treeview
    at audio-profiles-edit.c line 220
  • #8 gm_audio_profiles_edit_init
    at audio-profiles-edit.c line 286
  • #9 IA__g_type_create_instance
    at /build/buildd/glib2.0-2.12.12/gobject/gtype.c line 1569
  • #10 g_object_constructor
    at /build/buildd/glib2.0-2.12.12/gobject/gobject.c line 1041
  • #11 IA__g_object_newv
    at /build/buildd/glib2.0-2.12.12/gobject/gobject.c line 937
  • #12 IA__g_object_new_valist
    at /build/buildd/glib2.0-2.12.12/gobject/gobject.c line 981
  • #13 IA__g_object_new
    at /build/buildd/glib2.0-2.12.12/gobject/gobject.c line 795
  • #14 gm_audio_profiles_edit_new
    at audio-profiles-edit.c line 762
  • #15 prefs_edit_profile_clicked
  • #16 IA__g_cclosure_marshal_VOID__VOID
    at /build/buildd/glib2.0-2.12.12/gobject/gmarshal.c line 77
  • #17 IA__g_closure_invoke
    at /build/buildd/glib2.0-2.12.12/gobject/gclosure.c line 490
  • #18 signal_emit_unlocked_R
    at /build/buildd/glib2.0-2.12.12/gobject/gsignal.c line 2440
  • #19 IA__g_signal_emit_valist
  • #20 IA__g_signal_emit
    at /build/buildd/glib2.0-2.12.12/gobject/gsignal.c line 2243
  • #21 IA__gtk_button_clicked
    at /build/buildd/gtk+2.0-2.10.12/gtk/gtkbutton.c line 889
  • #22 gtk_real_button_released
    at /build/buildd/gtk+2.0-2.10.12/gtk/gtkbutton.c line 1484
  • #23 IA__g_cclosure_marshal_VOID__VOID
    at /build/buildd/glib2.0-2.12.12/gobject/gmarshal.c line 77
  • #24 g_type_class_meta_marshal
    at /build/buildd/glib2.0-2.12.12/gobject/gclosure.c line 567
  • #25 IA__g_closure_invoke
  • #26 signal_emit_unlocked_R
    at /build/buildd/glib2.0-2.12.12/gobject/gsignal.c line 2370
  • #27 IA__g_signal_emit_valist
  • #28 IA__g_signal_emit
    at /build/buildd/glib2.0-2.12.12/gobject/gsignal.c line 2243
  • #29 IA__gtk_button_released
    at /build/buildd/gtk+2.0-2.10.12/gtk/gtkbutton.c line 881
  • #30 gtk_button_button_release
    at /build/buildd/gtk+2.0-2.10.12/gtk/gtkbutton.c line 1377
  • #31 _gtk_marshal_BOOLEAN__BOXED
    at /build/buildd/gtk+2.0-2.10.12/gtk/gtkmarshalers.c line 84
  • #32 g_type_class_meta_marshal
    at /build/buildd/glib2.0-2.12.12/gobject/gclosure.c line 567
  • #33 IA__g_closure_invoke
    at /build/buildd/glib2.0-2.12.12/gobject/gclosure.c line 490
  • #34 signal_emit_unlocked_R
    at /build/buildd/glib2.0-2.12.12/gobject/gsignal.c line 2478
  • #35 IA__g_signal_emit_valist
    at /build/buildd/glib2.0-2.12.12/gobject/gsignal.c line 2209
  • #36 IA__g_signal_emit
    at /build/buildd/glib2.0-2.12.12/gobject/gsignal.c line 2243
  • #37 gtk_widget_event_internal
    at /build/buildd/gtk+2.0-2.10.12/gtk/gtkwidget.c line 3915
  • #38 IA__gtk_propagate_event
    at /build/buildd/gtk+2.0-2.10.12/gtk/gtkmain.c line 2341
  • #39 IA__gtk_main_do_event
    at /build/buildd/gtk+2.0-2.10.12/gtk/gtkmain.c line 1575
  • #40 gdk_event_dispatch
    at /build/buildd/gtk+2.0-2.10.12/gdk/x11/gdkevents-x11.c line 2318
  • #41 IA__g_main_context_dispatch
    at /build/buildd/glib2.0-2.12.12/glib/gmain.c line 2045
  • #42 g_main_context_iterate
    at /build/buildd/glib2.0-2.12.12/glib/gmain.c line 2677
  • #43 IA__g_main_loop_run
    at /build/buildd/glib2.0-2.12.12/glib/gmain.c line 2881
  • #44 IA__gtk_main
    at /build/buildd/gtk+2.0-2.10.12/gtk/gtkmain.c line 1154
  • #45 main


Downgrading to 2.16.1 fixes the bug
Comment 1 Stefan Röllin 2007-08-30 14:42:51 UTC
Created attachment 94639 [details] [review]
patch for svn head

The attached patch fixes the crash mentioned above.

Description of problem/bug: an initial profile is set in 'sj_extractor_init', but is not referenced. After that, 'profile_changed_cb' is called from 'main'. Within 'profile_changed_cb', 'g_object_set' is used to set the current profile. This in turn calls 'sj_extractor_set_property' in which the initial profile is unreferenced and the reference count of this profile becomes zero. Thus it is freed. This leads to the crash mentioned in this bug report.

The patch also fixes the problem reported in bug #469252 (at least for me).
Comment 2 Sebastian Dröge (slomo) 2007-09-19 06:17:52 UTC
*** Bug 474778 has been marked as a duplicate of this bug. ***
Comment 3 Sebastian Dröge (slomo) 2007-09-19 07:05:15 UTC
The patch is probably right, but if the _ref is necessary it should also be done in src/sj-main.c:profile_changed_cb() before the g_object_set and an _unref afterwards, no? gm_audio_profile_lookup() returns the profiles directly from an internal hashtable and doesn't ref it before returning so couldn't it happen in theory, that the profile is unreffed already from another thread before giving it to g_object_set? Adding a ref after the lookup could still break though in that case but would at least be more save ;)
Comment 4 Sebastian Dröge (slomo) 2007-09-19 07:06:56 UTC
Whatever, the patch should probably committed ASAP to have it in the next 2.20 release.
Comment 5 Ross Burton 2007-09-19 08:14:10 UTC
The UI isn't threaded so there is no problem in sj-main.c.

Committed the patch to HEAD.
Comment 6 Sebastian Dröge (slomo) 2007-09-19 08:37:41 UTC
Great, thanks :)